---
title: GoogleProvider
editUrl: https://github.com/toolbeam/openauth/blob/master/packages/openauth/src/provider/google.ts
description: Reference doc for the `GoogleProvider`.
---

import { Segment, Section, NestedTitle, InlineSection } from 'toolbeam-docs-theme/components'
import { Tabs, TabItem } from '@astrojs/starlight/components'

<div class="tsdoc">
<Section type="about">
Use this provider to authenticate with Google. Supports both OAuth2 and OIDC.

#### Using OAuth

```ts {5-8}
import { GoogleProvider } from "@openauthjs/openauth/provider/google"

export default issuer({
  providers: {
    google: GoogleProvider({
      clientID: "1234567890",
      clientSecret: "0987654321"
    })
  }
})
```

#### Using OIDC

```ts {5-7}
import { GoogleOidcProvider } from "@openauthjs/openauth/provider/google"

export default issuer({
  providers: {
    google: GoogleOidcProvider({
      clientID: "1234567890"
    })
  }
})
```
</Section>
---
## Methods
### GoogleOidcProvider
<Segment>
<Section type="signature">
```ts
GoogleOidcProvider(config)
```
</Section>
<Section type="parameters">
#### Parameters
- <p><code class="key">config</code> [<code class="type">GoogleOidcConfig</code>](/docs/provider/google#googleoidcconfig)</p>
The config for the provider.
</Section>
<InlineSection>
**Returns** <code class="type">Provider</code>
</InlineSection>
Create a Google OIDC provider.

This is useful if you just want to verify the user's email address.
```ts
GoogleOidcProvider({
  clientID: "1234567890"
})
```
</Segment>
### GoogleProvider
<Segment>
<Section type="signature">
```ts
GoogleProvider(config)
```
</Section>
<Section type="parameters">
#### Parameters
- <p><code class="key">config</code> [<code class="type">GoogleConfig</code>](/docs/provider/google#googleconfig)</p>
The config for the provider.
</Section>
<InlineSection>
**Returns** <code class="type">Provider</code>
</InlineSection>
Create a Google OAuth2 provider.
```ts
GoogleProvider({
  clientID: "1234567890",
  clientSecret: "0987654321"
})
```
</Segment>
## GoogleConfig
<Segment>
<Section type="parameters">
- <p>[<code class="key">clientID</code>](#googleconfig.clientid) <code class="primitive">string</code></p>
- <p>[<code class="key">clientSecret</code>](#googleconfig.clientsecret) <code class="primitive">string</code></p>
- <p>[<code class="key">pkce?</code>](#googleconfig.pkce) <code class="primitive">boolean</code></p>
- <p>[<code class="key">query?</code>](#googleconfig.query) <code class="primitive">Record</code><code class="symbol">&lt;</code><code class="primitive">string</code>, <code class="primitive">string</code><code class="symbol">&gt;</code></p>
- <p>[<code class="key">scopes</code>](#googleconfig.scopes) <code class="primitive">string</code><code class="symbol">[]</code></p>
</Section>
</Segment>
<NestedTitle id="googleconfig.clientid" Tag="h4" parent="GoogleConfig.">clientID</NestedTitle>
<Segment>
<Section type="parameters">
<InlineSection>
**Type** <code class="primitive">string</code>
</InlineSection>
</Section>
The client ID.

This is just a string to identify your app.
```ts
{
  clientID: "my-client"
}
```
</Segment>
<NestedTitle id="googleconfig.clientsecret" Tag="h4" parent="GoogleConfig.">clientSecret</NestedTitle>
<Segment>
<Section type="parameters">
<InlineSection>
**Type** <code class="primitive">string</code>
</InlineSection>
</Section>
The client secret.

This is a private key that's used to authenticate your app. It should be kept secret.
```ts
{
  clientSecret: "0987654321"
}
```
</Segment>
<NestedTitle id="googleconfig.pkce" Tag="h4" parent="GoogleConfig.">pkce?</NestedTitle>
<Segment>
<Section type="parameters">
<InlineSection>
**Type** <code class="primitive">boolean</code>
</InlineSection>
</Section>

<InlineSection>
**Default** false
</InlineSection>
Whether to use PKCE (Proof Key for Code Exchange) for the authorization code flow.
Some providers like x.com require this.
</Segment>
<NestedTitle id="googleconfig.query" Tag="h4" parent="GoogleConfig.">query?</NestedTitle>
<Segment>
<Section type="parameters">
<InlineSection>
**Type** <code class="primitive">Record</code><code class="symbol">&lt;</code><code class="primitive">string</code>, <code class="primitive">string</code><code class="symbol">&gt;</code>
</InlineSection>
</Section>
Any additional parameters that you want to pass to the authorization endpoint.
```ts
{
  query: {
    access_type: "offline",
    prompt: "consent"
  }
}
```
</Segment>
<NestedTitle id="googleconfig.scopes" Tag="h4" parent="GoogleConfig.">scopes</NestedTitle>
<Segment>
<Section type="parameters">
<InlineSection>
**Type** <code class="primitive">string</code><code class="symbol">[]</code>
</InlineSection>
</Section>
A list of OAuth scopes that you want to request.
```ts
{
  scopes: ["email", "profile"]
}
```
</Segment>
## GoogleOidcConfig
<Segment>
<Section type="parameters">
- <p>[<code class="key">clientID</code>](#googleoidcconfig.clientid) <code class="primitive">string</code></p>
- <p>[<code class="key">query?</code>](#googleoidcconfig.query) <code class="primitive">Record</code><code class="symbol">&lt;</code><code class="primitive">string</code>, <code class="primitive">string</code><code class="symbol">&gt;</code></p>
- <p>[<code class="key">scopes?</code>](#googleoidcconfig.scopes) <code class="primitive">string</code><code class="symbol">[]</code></p>
</Section>
</Segment>
<NestedTitle id="googleoidcconfig.clientid" Tag="h4" parent="GoogleOidcConfig.">clientID</NestedTitle>
<Segment>
<Section type="parameters">
<InlineSection>
**Type** <code class="primitive">string</code>
</InlineSection>
</Section>
The client ID.

This is just a string to identify your app.
```ts
{
  clientID: "my-client"
}
```
</Segment>
<NestedTitle id="googleoidcconfig.query" Tag="h4" parent="GoogleOidcConfig.">query?</NestedTitle>
<Segment>
<Section type="parameters">
<InlineSection>
**Type** <code class="primitive">Record</code><code class="symbol">&lt;</code><code class="primitive">string</code>, <code class="primitive">string</code><code class="symbol">&gt;</code>
</InlineSection>
</Section>
Any additional parameters that you want to pass to the authorization endpoint.
```ts
{
  query: {
    prompt: "consent"
  }
}
```
</Segment>
<NestedTitle id="googleoidcconfig.scopes" Tag="h4" parent="GoogleOidcConfig.">scopes?</NestedTitle>
<Segment>
<Section type="parameters">
<InlineSection>
**Type** <code class="primitive">string</code><code class="symbol">[]</code>
</InlineSection>
</Section>
A list of OIDC scopes that you want to request.
```ts
{
  scopes: ["openid", "profile", "email"]
}
```
</Segment>
</div>